[dm-crypt] LUKS header recovery attempt, bruteforce detection of AF-keyslot bit errors

Robert Nichols rnicholsNOSPAM at comcast.net
Tue Apr 25 15:14:52 CEST 2017

On 04/24/2017 06:49 PM, protagonist wrote:
> However, I assume it is likely that a determined attacker running as
> root might be able to extract the master key from RAM if the encrypted
> volume in question is still open at the time of attack, so technically,
> there would be a way to do this without the password.

It's trivial. Just run "dmsetup table --showkeys" on the device.

Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

More information about the dm-crypt mailing list